Pass ISO-9001-Lead-Auditor Exam Guide

In the context of a third-party certification audit, match the roles with the following responsibilities:

Responsibilities:

Conduct the audit to the assigned area.= Auditors

Assist the auditors in identifying personnel to participate in the audit.= Guide

Assign each team member’s responsibility for the audit.= Audit team leader

Respond to questions and provide evidence to the auditor.= Auditee

According to ISO 19011:2018, clause 3, the definitions of the roles are as follows1:

Auditors: persons with the competence to conduct an audit

Guide: person appointed by the auditee to assist the audit team

Auditee: organization being audited

Audit team leader: member of an audit team appointed to manage the audit or an audit team

Therefore, the roles can be matched to the responsibilities based on these definitions and the description of the audit process in clause 6 of the standard1.

In ISO 9001:2015, the responsibility for managing the audit program lies with those overseeing the entire audit process rather than the Audit Team Leader. During the planning stage, before involving the Audit Team Leader, key actions for managing the audit program include:

1. Providing the Resources Needed: According to clause 7.1 (Resources), the audit program manager must ensure that the necessary resources are in place to conduct the audit effectively. This encompasses logistical support, personnel, and other required resources for the audit to proceed smoothly.

2. Reviewing Reports of Previous Audits: As per clause 9.2.2 (Internal Audit), it is essential to consider the results of previous audits to plan effectively for the upcoming audit. This helps identify areas that require particular attention, ensuring continuity and focusing on recurring issues or improvements since the last audit.

These actions ensure that the audit is thoroughly prepared and that there is continuity and focus on any areas that might need closer inspection. The other options, such as preparing the audit plan, assigning responsibilities, preparing checklists, and selecting the audit team members, generally fall under the duties of the Audit Team Leader once they are appointed and engaged in the planning process.

 Responsibilities of the Audit Team Leader:

ISO 19011:2018 (guidelines for auditing management systems), which supports the principles in ISO 9001:2015, specifies the responsibilities of an audit team leader. These responsibilities include:

Planning the audit and establishing effective communication between the audit team and auditee.

Ensuring that formal communication channels are agreed upon and followed.

Reporting the audit progress, significant findings, and any concerns to the auditee or audit client as necessary.

Managing the audit team and ensuring adherence to the defined objectives and scope.

 Analysis of Options:

A. Reporting unattainable audit objectives to the accreditation body:Incorrect. This is not the responsibility of the audit team leader. The accreditation body oversees the certification body and is not directly involved in specific audits. If objectives are unattainable, the audit team leader would report them to the audit client (the certification body), not the accreditation body.

B. Planning formal communication arrangements:Correct. This is one of the responsibilities of the audit team leader. They ensure auditees can communicate with auditors as needed during the audit process.

C. Confirming communication channels during the opening meeting:Correct. During the opening meeting, the audit team leader must establish clear communication protocols to ensure effective information exchange between the audit team and auditee.

D. Communicating progress, findings, and concerns:Correct. Keeping the auditee and audit client informed about progress and significant findings is a critical responsibility of the audit team leader to maintain transparency and ensure the audit objectives are met.

 Why Option A is Correct:

The audit team leader does not have any obligation to report unattainable objectives to the accreditation body. Instead, they are responsible for communicating issues to the audit client (typically the certification body). The accreditation body operates at a higher level and is concerned with overseeing certification bodies, not individual audits.

 Relevant References:

ISO 19011:2018, Clause 6.4 (Conducting the Audit): Emphasizes the responsibilities of the audit team leader, including communication with the auditee and client.

ISO 9001:2015, Clause 9.2 (Internal Audit): Highlights the importance of planning and communication during audits, which is reflected in third-party audits as well.

Based on the scenario provided, there is evidence of nonconformity with the requirements defined in:

C. Clause 7.5.1 Documented information - General: The scenario indicates that there is no formal process for informing users about updates to the SWIFT database, which suggests a lack of control over documented information. This could lead to users being unaware of important changes and not using the latest version of the software, which is required by the quality management system1.

E. Clause 7.5.3 Control of documented information: The Operations Director’s approach to updating the SWIFT database and the lack of communication to users about these updates indicate that the documented information is not adequately controlled. Allowing users to revert to earlier versions of the software at their discretion further suggests that the organization does not have a proper mechanism in place to ensure the integrity and suitability of documented information2.

These clauses are part of the ISO 9001:2015 standard, which requires organizations to have a systematic approach to controlling and managing documented information as part of their quality management system. The scenario described shows a casual approach to managing critical software updates, which could affect the organization’s ability to consistently meet customer and regulatory requirements.